[Samba] limit user logon to

Miguel Medalha miguelmedalha at sapo.pt
Wed Jan 28 23:46:03 GMT 2009 

> I have a question of a similar nature that I am going to post in a 
> separate message in this forum, but what I would like to know is 
> this:  Is there a comprehensive list of ALL of the attributes of a 
> sambaSamAccount somewhere?  I would like to know all of the various 
> things that you could control on a per user or per workstation basis 
> using Samba and LDAP.
>
>     LDAP Admin:
>
>     http://ldapadmin.sourceforge.net/
>
>     You can also manage your directory with a browser using the
>     following (among many):
>
>     phpLDAPadmin
>     http://phpldapadmin.sourceforge.net/wiki/index.php/Main_Page
>
>     LDAP Account Manager
>     http://lam.sourceforge.net/
>
>

Every one of the above LDAP directory management programs will show you 
the available object classes and their attributes. See "Schema Browser" 
under the first two or "Schema" under the third one. You can also 
manually open the samba3.schema under "/etc/openldap/schema" and read 
them from there.

Nevertheless, here it goes:

The samba3.schema contains the following object classes:

sambaConfig
sambaConfigOption
sambaDomain
sambaGroupMapping
sambaIdmapEntry
sambaSamAccount
sambaShare
sambaSidEntry
sambaTrustedDomainPassword
sambaTrustPassword
sambaUnixIdPool

The attributes pertaining to the objectClass "sambaSamAccount" are the 
following:

*sambaSID
*uid,userid (inherited from core.schema)
cn,commonName (inherited from core.schema)
description (inherited from core.schema)
displayName (inherited from inetorgperson.schema)
sambaAcctFlags
sambaBadPasswordCount
sambaBadPasswordTime
sambaDomainName
sambaHomeDrive              
sambaHomePath
sambaKickoffTime
sambaLMPassword
sambaLogoffTime
sambaLogonHours
sambaLogonScript
sambaLogonTime
sambaMungedDial
sambaNTPassword
sambaPasswordHistory
sambaPrimaryGroupSID
sambaProfilePath
sambaPwdCanChange
sambaPwdLastSet
sambaPwdMustChange
sambaUserWorkstations

* The attributes marked with * are required attributes which MUST be 
present. The others are optional and MAY be present.

More information about the samba mailing list